- Training
- Training Live Events
- Training Without Travel
- SANS Courses
- Certified Instructors
- Career Roadmap
- Training Calendars
- SANS @Home
- SANS OnDemand
- Community SANS
- SANS Mentor Program
- SANS Onsite
- SANS SelfStudy
- SANS Partnership Series
- SANS Workshop Series
- Webcasts
- Work Study
- Events Archive
- DoD 8570
- Voucher Credit Program
- Certification
- Resources
- Vendor
- Portal
- Storm Center
- College
- Developer
- About
the most trusted source for computer security training, certification and research
select a course
Orlando, FL - April 18 - 25, 2008
- Event Location & Info
- General Info
- Faculty
- Vendor Expo
Wow! It's an incident handler's Christmas morning, tools, tools, tools. Very Applicable!
-Todd Davis, Symantec
Special Events
SANS 2008 Keynotes
Welcome to SANS GENERAL SESSION!
- Dr. Eric Cole
- Friday, April 18
- 8:30am - 9:00am
- Northern Hemisphere Salon A
Geekonomics: The Real Cost of Insecure Software
- David Rice
- Friday, April 18, 2008
- 7:00pm - 9:00pm
Software is becoming the foundation of civilization; yet few, if any industries composing national infrastructures enjoy such little oversight as software production. Despite general agreement on inadequate software development practices and the enormous cost born by individuals and organizations for protecting their systems from exploitation, the software industry enjoys remarkable insulation from liability and regulation. This is a dangerous proposition for national infrastructures. David Rice illuminates the economic impacts of poor quality software and compares regulatory standards among various industries as he challenges software purchasers to demand better quality software so that governments, faced with a popular uprising, will refuse to remain silent on the issue.
Birds of a Feather Lunch & Learn
- Banking & Financial Services - Brian Correia
- Health Care - Eric Bassel
- Saturday, April 19
- 12:30pm - 1:15pm
- Asia 4
Banking & Financial Services: Birds of a Feather
Join your peers as we host an open discussion on the biggest and hottest issues facing the financial industry today. Some of the items up for discussion include the obstacles and success stories within your organization, how can we better reach out to the product developers, and how can SANS better service IA professionalsin the financial industry.
Health Care Industry: Birds of a Feather
As you know, the Health Care Industry is under increasing pressure to guard and protect patient information, and not just to meet HIPPA regulations. Financial and Physical health is at stake. Join us for this important BoF event as we share problems, successes and solutions. Help explore ways that SANS canbetter service the IA professionals in your industry.
Birds of a Feather Lunch & Learn
- DoD and DoD Contractors - Eric Bassel
- Education - Brian Correia
- Sunday, April 20
- 12:30pm - 1:15pm
- Asia 4
DoD and DoD Contractor: Birds of a Feather
Department of Defense Directive 8570 mandates that 100% of the individuals in IA billets be certified by 2010with a minimum of 40% being trained by the end of FY08. Join us to discuss how to best to train your people and meet the requirements of this directive.
Education: Birds of a Feather
We will be hosting a discussion of the information security issues that are affecting educational organizations and campuses these days. Many times educational organizations have limited resources yet are on frontlines for cyber security attacks. Join your peers as we host an open discussion on the biggest and hottest issues facing campuses today. Some of the items up for discussion include the obstacles and successes stories within your organization, how can the industry be more effective, and how the industry can better share resources and information within offices.
Ed Skoudis Keynote Double Feature:
What Not to Do During a Breach Investigation
- plus -
Netcat without Netcat
Sunday, April 20, 2008
7:00pm - 9:00pm
This double feature keynote includes two independent, 1-hour segments, from Ed Skoudis. In the first segment, Ed will share information about some of the most egregious mistakes made by enterprises who have suffered a breach during the follow-on investigation. We've all seen headlines blaring about the exposure of a million credit cards here or another million health records there. Ed Skoudis has provided expert witness and analysis services on some of the biggest cases to date, and has learned some vital lessons on the right way organizations can support the follow-on investigation, as well as the wrong way. While no one wants to suffer a breach, this session will help arm you with tips for avoiding some common errors during the investigation phase if a breach does indeed happen.
While the first segment focuses on policy and procedures associated with a breach, in the second half of this double-header, Ed will pivot into a very technical talk associated with some really useful penetration testing skills. Many people have heard of Netcat, the flexible TCP and UDP network widget, useful for all kinds of activities, such as moving files, scanning ports, and creating backdoors. Many penetration testers rely heavily on Netcat for their work. But, one of the problems with Netcat is that it requires... well... Netcat. During a project, penetration testers can't assume that Netcat will already be installed on a compromised target machine, and the rules of engagement may prohibit them from installing any additional software such as Netcat. In this lively and engaging section, Ed will cover techniques on both Linux and Windows for using built-in tools to emulate Netcat-like functionality, all without Netcat. For example, we'll talk about how to use built-in Windows tools, with a few command-line tricks, to make a port scanner. We'll look at how to implement backdoors on Linux using only a shell. But that's just the start of the tips and tricks we'll cover that will help penetration testers, auditors, and other security pros do their jobs better.
A 2008 Perspective on the State of Malicious Software
- Lenny Zeltser
- Tuesday, April 22nd
- 5:30pm - 8:30pm
Not too long ago, the quarrels of mankind were confined to the physical world. When words weren't enough to settle disputes, contraptions such as the chariot, the bow, the gun, and the missile were employed. Now that our lives spill into the virtual world of the Internet, malware has become both the venue for illegitimate activities and the weapon for supporting illicit business models. Modern malware is written to bypass perimeter defenses, evade detection, and resist our efforts to disable it.
In this presentation, Lenny Zeltser surveys the characteristics of today's malware, exemplified by recently-seen bots, downloaders, keyloggers, and malicious scripts. He discusses samples that employed self-defense, social engineering, screen capture, fast-flux DNS, man-in-the-middle attacks, extortion demands, and so on. Come to better understand what we're up against. This session will expand your perspective of the modern malware landscape, empowering you to adjust your defenses and risk mitigation strategizes.
In addition to thought-leading SANS content, Norman Data Defense will be on-hand demonstrating the latest in anti-malware solutions. Mark your calendar to attend this informative session and register on-site to secure your spot! (Seats are limited). Food and beverage provided by sponsoring vendor.
Attendees: It is encouraged that you bring your laptop to this session so that you may participate in the hands-on demonstrations provided by sponsoring vendor(s). Gain a practical understanding of how these solutions operate. Network and internet access provided by SANS.
New Threat Vector: Baseboard Management Controller
- Bill Johnson, CEO of TDI
- Wednesday, April 23rd * 6:00-7:00pm
Learn why the new power management standards and hardware that are present on all server, desktop, and network hardware may present an open door for attackers. These potential security threats increase considerably in virtual environments. This session will be introduced by SANS President, Mr. Stephen Northcutt.